product-issues
Pass
Audited by Gen Agent Trust Hub on Mar 27, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Executes local Go scripts using the 'go run' command for state assessment, feature listing, and issue tracking automation.
- [COMMAND_EXECUTION]: Invokes external CLI tools including 'gh' (GitHub) and 'linear' to create issues with titles and bodies derived from project plans.
- [COMMAND_EXECUTION]: Performs Git operations ('git add' and 'git commit') to record the mapping of features to created issues and ensure persistence.
- [PROMPT_INJECTION]: Contains an indirect prompt injection surface (Category 8) because it ingests data from external plans and PRDs to populate command-line arguments.
- Ingestion points: Reads content from files located in '.agents/products/plans/' and '.agents/products/prds/' (SKILL.md).
- Boundary markers: No delimiters or safety instructions are used to separate untrusted data from the task instructions.
- Capability inventory: Includes shell command execution ('gh', 'linear', 'go run'), filesystem access, and 'git' operations.
- Sanitization: No explicit escaping or validation of plan-derived strings (e.g., feature titles or descriptions) is performed before they are passed to shell commands.
Audit Metadata